Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/aXUaEE4Rc3FPn930-LUjFOMalKE.roa
File: aXUaEE4Rc3FPn930-LUjFOMalKE.roa (raw, json)
Hash identifier: k4xvVX6CkM3fxWMUWFx76Dj4mkNerIxARf8E+Dyy4rw=
Subject key identifier: 69:75:1A:10:4E:11:73:71:4F:9F:DD:F4:F8:B5:23:14:E3:1A:94:A1
Certificate issuer: /CN=28178243a0866b091272d1e1eb451e71e413b99a
Certificate serial: 01953C7D476DFEAF9BD3EC1B730EDD538D4E
Authority key identifier: 28:17:82:43:A0:86:6B:09:12:72:D1:E1:EB:45:1E:71:E4:13:B9:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBeCQ6CGawkSctHh60UeceQTuZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/aXUaEE4Rc3FPn930-LUjFOMalKE.roa
Signing time: Tue 25 Feb 2025 09:43:17 +0000
ROA not before: Tue 25 Feb 2025 09:43:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208152
IP address blocks: 45.85.220.0/22 maxlen: 22
185.61.248.0/22 maxlen: 22
2a13:86c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3c:7d:47:6d:fe:af:9b:d3:ec:1b:73:0e:dd:53:8d:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28178243a0866b091272d1e1eb451e71e413b99a
Validity
Not Before: Feb 25 09:43:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69751a104e1173714f9fddf4f8b52314e31a94a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:96:ba:85:88:ab:4f:63:a8:d2:4d:bc:db:1d:
32:de:f1:78:70:ca:a0:31:18:57:b2:bc:95:ca:0c:
02:16:7a:9f:fb:5e:2a:17:be:ef:f3:9a:10:7d:fe:
db:99:43:85:b9:a6:6f:63:3f:78:0b:a4:f7:fd:2a:
8d:39:59:ef:96:7c:1b:bc:2c:fb:5f:fe:7b:55:8f:
a9:10:8d:76:d8:aa:90:76:e2:77:8f:b5:6a:46:40:
ac:90:e2:11:18:8b:f9:0c:22:86:f7:30:b0:38:83:
00:4c:a3:3b:07:75:72:f3:5b:5d:5a:97:75:43:68:
c0:8b:cc:03:4f:00:e9:c1:da:1e:bd:88:0c:f2:c6:
6a:90:1c:09:f1:fb:30:f0:ad:76:9a:f0:14:ea:3e:
3d:09:b3:85:3d:10:8c:ac:2d:a8:fa:c2:ba:cd:1e:
1f:7e:c7:a0:9b:dc:8f:f0:f9:c3:c1:88:f7:2f:de:
f1:b2:08:5c:55:88:88:80:c1:45:ad:24:67:a7:2c:
2c:27:7e:c4:e8:05:69:4c:98:4d:ca:50:88:60:2d:
22:f7:2e:ae:d8:5a:ec:3b:a8:dd:cf:ad:b3:20:64:
8e:13:49:ff:6e:3d:9f:a6:f0:6e:2c:c7:54:49:34:
96:8f:6d:54:1b:e5:1c:7f:ad:c4:48:67:19:b3:01:
27:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:75:1A:10:4E:11:73:71:4F:9F:DD:F4:F8:B5:23:14:E3:1A:94:A1
X509v3 Authority Key Identifier:
keyid:28:17:82:43:A0:86:6B:09:12:72:D1:E1:EB:45:1E:71:E4:13:B9:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBeCQ6CGawkSctHh60UeceQTuZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/aXUaEE4Rc3FPn930-LUjFOMalKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/747db8-ac57-46a8-b632-6ce3c03a134c/1/KBeCQ6CGawkSctHh60UeceQTuZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.220.0/22
185.61.248.0/22
IPv6:
2a13:86c0::/29
Signature Algorithm: sha256WithRSAEncryption
a7:90:16:99:dd:5b:05:1c:9f:d9:70:65:78:25:c1:d2:52:0c:
02:ba:b1:b8:62:c8:0a:5d:bb:7d:ff:73:49:c3:d7:27:43:b3:
ed:16:51:66:41:50:93:1b:b7:36:67:7f:8b:5e:e6:75:e9:c7:
d6:41:d7:03:a2:0d:40:19:59:1c:44:1a:34:12:cb:87:8e:36:
56:19:27:cd:a2:ad:b9:5b:cc:27:02:a7:95:6f:3a:8b:cb:db:
53:d4:d6:eb:59:46:d3:29:8c:26:25:5f:d0:eb:b5:f6:09:51:
8a:e8:67:c7:0b:4b:19:9f:94:77:46:fa:63:0c:72:c9:a8:ce:
ef:4c:3d:97:08:6a:42:13:7d:e6:51:ce:00:78:8a:da:ee:7d:
33:66:d8:8b:ad:2d:28:a4:29:0c:c4:7b:6b:3b:c9:58:3a:7b:
e8:2d:23:66:67:05:fa:94:bb:04:f5:4c:ae:5c:5f:bc:d2:5b:
a4:ae:13:78:ae:2e:6c:8e:8a:52:fd:06:d9:3c:fd:0b:8d:50:
15:a5:9f:4d:a2:c3:89:06:9c:74:78:f4:39:34:6d:4f:17:5d:
60:86:a5:da:95:d8:ce:02:01:be:51:8b:6c:d5:a5:30:eb:e4:
ba:bd:fc:ef:b3:79:90:6b:68:b6:a3:11:0f:e7:e6:f0:ef:87:
26:00:7a:40
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZU8fUdt/q+b0+wbcw7dU41OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTc4MjQzYTA4NjZiMDkxMjcyZDFlMWViNDUxZTcxZTQx
M2I5OWEwHhcNMjUwMjI1MDk0MzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTc1MWExMDRlMTE3MzcxNGY5ZmRkZjRmOGI1MjMxNGUzMWE5NGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA85a6hYirT2Oo0k282x0y3vF4cMqg
MRhXsryVygwCFnqf+14qF77v85oQff7bmUOFuaZvYz94C6T3/SqNOVnvlnwbvCz7
X/57VY+pEI122KqQduJ3j7VqRkCskOIRGIv5DCKG9zCwOIMATKM7B3Vy81tdWpd1
Q2jAi8wDTwDpwdoevYgM8sZqkBwJ8fsw8K12mvAU6j49CbOFPRCMrC2o+sK6zR4f
fsegm9yP8PnDwYj3L97xsghcVYiIgMFFrSRnpywsJ37E6AVpTJhNylCIYC0i9y6u
2FrsO6jdz62zIGSOE0n/bj2fpvBuLMdUSTSWj21UG+Ucf63ESGcZswEnWQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGl1GhBOEXNxT5/d9Pi1IxTjGpShMB8GA1UdIwQY
MBaAFCgXgkOghmsJEnLR4etFHnHkE7maMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JlQ1E2Q0dhd2tTY3RIaDYwVWVjZVFUdVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS83NDdkYjgtYWM1Ny00NmE4LWI2MzIt
NmNlM2MwM2ExMzRjLzEvYVhVYUVFNFJjM0ZQbjkzMC1MVWpGT01hbEtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS83NDdkYjgtYWM1Ny00NmE4LWI2MzItNmNlM2MwM2ExMzRj
LzEvS0JlQ1E2Q0dhd2tTY3RIaDYwVWVjZVFUdVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVXcAwQC
uT34MA0EAgACMAcDBQMqE4bAMA0GCSqGSIb3DQEBCwUAA4IBAQCnkBaZ3VsFHJ/Z
cGV4JcHSUgwCurG4YsgKXbt9/3NJw9cnQ7PtFlFmQVCTG7c2Z3+LXuZ16cfWQdcD
og1AGVkcRBo0EsuHjjZWGSfNoq25W8wnAqeVbzqLy9tT1NbrWUbTKYwmJV/Q67X2
CVGK6GfHC0sZn5R3RvpjDHLJqM7vTD2XCGpCE33mUc4AeIra7n0zZtiLrS0opCkM
xHtrO8lYOnvoLSNmZwX6lLsE9UyuXF+80lukrhN4ri5sjopS/QbZPP0LjVAVpZ9N
osOJBpx0ePQ5NG1PF11ghqXaldjOAgG+UYts1aUw6+S6vfzvs3mQa2i2oxEP5+bw
74cmAHpA
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:49 2025 by rpki-client on console.sobornost.net